$2.7 million await successful Pwnium 4 contestants
Posted on 24 January 2014.
Google has, once again, called security researchers to participate in its annual Pwnium contest scheduled to be held at the CanSecWest security conference in Vancouver in mid-March.


The fourth edition of the hacking contest will, as last year, focus on the company's Chrome OS, and competitors will contend for sizeable prizes.

Contestants who manage to execute a browser or system-level compromise in guest mode or as a logged-in user, delivered via a web page, will win $110,000, and those who carry our a compromise with device persistence (“persistent Guest-to-Guest exploit” with interim reboot, delivered via a web page) will gain a cool $150,000.

The prize pool is $2.71828 million in total.

"New this year, we will also consider significant bonuses for demonstrating a particularly impressive or surprising exploit. Potential examples include defeating kASLR, exploiting memory corruption in the 64-bit browser process or exploiting the kernel directly from a renderer process," explained Jorge Lucángeli Obes, Google security engineer and Pwnium Master of Ceremonies.

"Past Pwnium competitions have focused on Intel-based Chrome OS devices, but this year researchers can choose between an ARM-based Chromebook, the HP Chromebook 11 (WiFi), or the Acer C720 Chromebook (2GB WiFi) that is based on the Intel Haswell microarchitecture. The attack must be demonstrated against one of these devices running the then-current stable version of Chrome OS."

As usual, to win a prize they will have to deliver a full exploit with thorough explanations about the exploited bugs. Any software included with the default installation may be used as part of the attack.

Researchers thinking of registering have until March 10th, 2014 to decide.

For more details, check out the official rules for the contest.









Spotlight

How to talk infosec with kids

Posted on 17 September 2014.  |  It's never too early to talk infosec with kids: you simply need the right story. In fact, as cyber professionals it’s our duty to teach ALL the kids in our life about technology. If we are to make an impact, we must remember that children needed to be taught about technology on their terms.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Thu, Sep 18th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //